package com.chaos.auth.config.userdetails.service.common;

import cn.hutool.core.util.ObjectUtil;
import com.chaos.auth.config.grant.converter.helper.OAuth2EndpointHelper;
import com.chaos.auth.config.userdetails.details.AdminUserDetails;

import com.chaos.framework.model.dto.result.list.ListResult;
import com.chaos.framework.model.enums.ResultEnum;
import com.chaos.system.api.data.RbacUserData;
import com.chaos.system.api.feign.RbacUserFeign;
import jakarta.annotation.Resource;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.stereotype.Component;

import java.util.List;
import java.util.Set;

@Slf4j
@Component
public class AdminCommonDetailsService {
    @Resource
    private RbacUserFeign rbacFeign;

    public RbacUserData getRbacUserDtoByPhone(String phone, Long tenantId) {
        RbacUserData query = RbacUserData.builder().mobile(phone).build();
        query.setTenantId(tenantId);
        return getRbacUserData(query);
    }

    public RbacUserData getRbacUserDtoByPhone(String phone) {
        RbacUserData query = RbacUserData.builder().mobile(phone).build();
        return getRbacUserData(query);
    }

    public RbacUserData getRbacUserDtoByUsername(String username, Long tenantId) {
        RbacUserData query = RbacUserData.builder().username(username).build();
        return getRbacUserData(query);
    }

    public RbacUserData getRbacUserDtoByUsername(String username) {
        return getRbacUserData(RbacUserData.builder().username(username).build());
    }

    private RbacUserData getRbacUserData(RbacUserData queryData) {
        ListResult<RbacUserData> result = rbacFeign.list(queryData);
        List<RbacUserData> RbacUserDtos = result.getList();
        if (ObjectUtil.isEmpty(RbacUserDtos)) {
            OAuth2EndpointHelper.throwError(ResultEnum.WRONG_ACCOUNT);
        }
        if (RbacUserDtos.size() > 1) {
            OAuth2EndpointHelper.throwError(ResultEnum.WRONG_ACCOUNT_ERROR);

        }
        return RbacUserDtos.get(0);
    }

    public AdminUserDetails getAdminUserDetails(RbacUserData rbacUser) {
        if (ObjectUtil.isNull(rbacUser)) {
            OAuth2EndpointHelper.throwError(ResultEnum.WRONG_ACCOUNT);
        }
        Set<Long> roles = rbacFeign.selectRolesByUserId(rbacUser);
        if (ObjectUtil.isEmpty(roles)) {
            OAuth2EndpointHelper.throwError(ResultEnum.ACCOUNT_NO_ROLE);
        }
        AdminUserDetails userDetails = new AdminUserDetails(rbacUser);
        if (!userDetails.isEnabled()) {
            OAuth2EndpointHelper.throwError(ResultEnum.ACCOUNT_IS_NOT_ENABLED);
        }
        else if (!userDetails.isAccountNonLocked()) {
            OAuth2EndpointHelper.throwError(ResultEnum.ACCOUNT_IS_LOCKED);
        }
        else if (!userDetails.isAccountNonExpired()) {
            OAuth2EndpointHelper.throwError(ResultEnum.ACCOUNT_IS_EXPIRED);
        }

        return userDetails;

    }


}
